CVE Daily

CVE-2016-2871

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext stor...

High CVSS 7.8

Overview

IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 uses cleartext storage for unspecified passwords, which allows local users to obtain sensitive information by reading a configuration file.

CWE: CWE-255 Published: 2016-11-30T18:59:01.390
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 7.8 (HIGH)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags